folx,
portsentry (works for a variety of linux/unix
platforms: http://www.psionic.com/abacus/portsentry/ ) is something i've
been using recently for host-based response to probing. basically it
listens on a bunch of ports you're not using and can take action if it
detects a probe (i have it configured to add a rule to ipchains to deny
packets from that sender, but the response is configurable).
their logcheck package looks interesting, too.
=========================================================
Todd Underwood, [EMAIL PROTECTED]
criticaltv.com criticalfashion.com
news, analysis and criticism. about tv. about fashion.
and other stuff.
=========================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
